<?php
	if($_SERVER["REQUEST_METHOD"]=='POST') {
		$password_sql = $_POST['password']=='' ? '': ", `password` = '". md5(mysql_escape_string($_POST['password'])). "'";
		$name = mysql_escape_string($_POST['name']);
		$email = mysql_escape_string($_POST['email']);
		$tel = mysql_escape_string($_POST['tel']);
		
		$sql = "UPDATE `control_user` SET `name` = '$name', `email` = '$email', `tel` = '$tel' $password_sql WHERE `user_id` = '$ss_user_id' LIMIT 1";
		mysql_query($sql);

		redirect('./?update=complete');
		exit;
	}
?>